Report Overview
Visitedpublic
2026-04-03 00:12:32
Tags
Submit Tags
URL
reformmembershipcert.wasmer.app
Finishing URL
reformmembershipcert.wasmer.app/
IP / ASN
144.76.124.123
Title
Navy Federal Credit Union - Our Members are the Mission®
Suspicious - Suspicious Javascript code
Detections
urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
3
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
reformmembershipcert.wasmer.app 7 alert(s) on this Host | unknown | 2018-10-16 | 2026-04-03 | 2026-04-03 | 1.5 kB | 5.1 MB | 144.76.124.123 |  |
digitalapps.navyfederal.org | 93913 | 1997-03-24 | 2020-08-13 | 2026-04-03 | 3.1 kB | 3.0 kB |  184.25.10.9 |    |
cdnjs.cloudflare.com | 1222 | 2009-02-17 | 2012-05-23 | 2026-03-29 | 492 B | 32 kB |  104.17.25.14 |  |
PHP:8.3.21 (Programming languages)
PHP is a general-purpose scripting language used for web development.Akamai (CDN)
Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.IIS:10.0 (Web servers)
Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.Windows Server (Operating systems)
Windows Server is a brand name for a group of server operating systems.Cloudflare (CDN)
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.Related reports
Threat Detection Systems
| Detection System | Indicator | Verdict | Alert |
|---|---|---|---|
| YARAhub by abuse.ch | javascript.write.md5:cfd2a33c8f058099ca931f7ec48fe566 | malware | Detects file containing Telegram Bot API |
| OpenDNS | reformmembershipcert.wasmer.app | phishing | Phishing Block |
| DNS4EU | reformmembershipcert.wasmer.app | malicious | Sinkholed |
Telegram Bot detected (1)
Token
8417022996:AAHRAy1cqBm2cWwjt1euyl5pU3-qFLx8FSg
Bot Overview
User ID8417022996
UsernameDnorthface_bot
First NameHereWeGoAgain
Last NameN/A
Chat Info
Chat ID1140634155
Chat Typeprivate
TitleN/A
User Count2
Admins0
Pending Msgs1
JavaScript (6)
| HASH | FROM | Size | First Seen | Last Seen | |||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| 03e15e57d5b834fe634c634a4127e4e1 | DocumentWrite | 1.7 MB | 2026-04-03 | 2026-04-03 | |||||||
Introduced by DocumentWrite First Seen 2026-04-03 Last Seen 2026-04-03 Times Seen 3 Size 1.7 MB (1685127 bytes) MD5 03e15e57d5b834fe634c634a4127e4e1 SHA1 5ff426cac4c6638ccfdaa48dd2e074da1e3cd0a7 Loading... | |||||||||||
| e2657f31d5062ff201f47bc21fbff295 | DocumentWrite | 1.3 MB | 2026-04-03 | 2026-04-03 | |||||||
Introduced by DocumentWrite First Seen 2026-04-03 Last Seen 2026-04-03 Times Seen 2 Size 1.3 MB (1260777 bytes) MD5 e2657f31d5062ff201f47bc21fbff295 SHA1 dc82b1032a91cc14b7b98cb002208b4115fdbb92 Loading... | |||||||||||
| cfd2a33c8f058099ca931f7ec48fe566 | DocumentWrite | 105 kB | 2026-04-03 | 2026-04-03 | |||||||
Introduced by DocumentWrite First Seen 2026-04-03 Last Seen 2026-04-03 Times Seen 2 Size 105 kB (104683 bytes) MD5 cfd2a33c8f058099ca931f7ec48fe566 SHA1 6b460c24abf12e60e345ce0e555c7acf9c50c05a Detections
Loading... | |||||||||||
HTTP Transactions (8)
| URL | IP | Response | Size |
|---|