Report Overview
Visitedpublic
2025-09-23 06:25:57
Submit Tags
URL
xversewallet.pages.dev/www.xverse.app/
Finishing URL
xversewallet.pages.dev/www.xverse.app/
IP / ASN
172.66.47.149
Title
Xverse - Best Bitcoin Web3 Wallet for Android, iOS & Chrome
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
6
Threat Detection Systems
1
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
xversewallet.pages.dev 4 alert(s) on this Host | unknown | 2020-09-02 | 2025-09-23 | 2025-09-23 | 14 kB | 1.7 MB | 172.66.44.107 |       |
cdn.prod.website-files.com | 20159 | 2019-01-23 | 2023-11-01 | 2025-09-21 | 2.8 kB | 189 kB | 104.18.160.117 |  |
fonts.gstatic.com | unknown | 2008-02-11 | 2014-04-02 | 2025-09-21 | 1.1 kB | 99 kB |  142.250.74.35 | |
fonts.googleapis.com | 313 | 2005-01-25 | 2012-05-23 | 2025-09-21 | 477 B | 8.3 kB | 142.250.178.106 |
Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Optibase (A/B Testing)
Optibase is an A/B testing app for Webflow, enabling data-driven decisions by testing various elements such as copy, design, or entire pages, aimed at improving site conversions.jsDelivr (CDN)
JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.Google Tag Manager (Tag managers)
Google Tag Manager is a tag management system (TMS) that allows you to quickly and easily update measurement codes and related code fragments collectively known as tags on your website or mobile app.Google Analytics (Analytics)
Google Analytics is a free web analytics service that tracks and reports website traffic.jQuery:3.5.1 (JavaScript libraries)
jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.Amazon Web Services (PaaS)
Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| medium | 172.18.0.12 | 192.169.69.26 | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | |
| low | 172.18.0.12 | 172.66.44.107 | ET INFO Observed Cloudflare Page Developer Domain (pages .dev in TLS SNI) | |
| medium | 172.18.0.12 | 192.169.69.26 | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | |
| medium | 172.18.0.12 | 192.169.69.26 | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | |
| medium | 172.18.0.12 | 192.169.69.26 | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain | |
| medium | 172.18.0.12 | 192.169.69.26 | ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain |
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | xversewallet.pages.dev/www.xverse.app/x.js | malware | Detects file containing Telegram Bot API |
Telegram Bot detected (2)
URL
xversewallet.pages.dev/www.xverse.app/x.js
IP / ASN
172.66.44.107
Token
7141420161:AAGh3wZMnUv45CEQg6UE7e0xpQIZGtYcdPA
Bot Overview
User ID7141420161
UsernameMissCollectoraiBot
First NameMiss Collector
Last NameN/A
Chat Info
Chat ID-4704812522
Chat Typegroup
TitleBiggerBond
User Count19
Admins0
Pending Msgs1
URL
xversewallet.pages.dev/www.xverse.app/x.js
IP / ASN
172.66.44.107
Token
7141420161:AAGh3wZMnUv45CEQg6UE7e0xpQIZGtYcdPA
Bot Overview
User ID7141420161
UsernameMissCollectoraiBot
First NameMiss Collector
Last NameN/A
Chat Info
Chat ID-4704812522
Chat Typegroup
TitleBiggerBond
User Count19
Admins0
Pending Msgs1
JavaScript (15)
No JavaScripts
HTTP Transactions (35)
| URL | IP | Response | Size |
|---|